Non-financial Risk Management in the Financial Industry

Chapter 11 describes the data governance required to facilitate an effective NFR management. Historically, data governance has focused on “financial risk” thereby often leaving non-financial risk aside. Yet, an effective non-financial risk data governance system can be established by leveraging existing data governance frameworks. This will entail a clear assignment of roles and responsibilities (including non-financial risk data officers, data owners, stewards and custodians), implementing concrete use cases, scaling-up as well as defining a comprehensive data catalogue and supporting technologies. The resulting data governance should subsequently be integrated into existing governance structures on both entity and group levels.

Accelerated by COVID-19, the financial sector is experiencing a substantial digital transformation of business and operating models, mainly to cater for changing customer expectations and behaviour and to optimise the efficiency of financial operations. Digitisation multiplies the volume of available data and opens opportunities for the use of artificial intelligence (AI) and other forms of sophisticated analytics in non-financial risk management. Concurrently, regulatory expectations on the financial sector’s uses of AI are increasingly demanding and must be managed to withstand regulatory scrutiny. Chapter 12 examines how AI can help improve non-financial risk management and contains two use cases for AI usage: financial crime prevention and the prevention of market abuse.

Recent scandals in the corporate world have demonstrated that a lack of ethical values is often at the root of corporate misconduct. Hence, the role of conduct and ethics cannot be emphasised enough.

Chapter 13 describes the subtle interplay between ethics, conduct and integrity in the context of the financial industry, and it outlines the implications for managers who must learn to navigate today’s complex regulatory landscape. Most business ethicists agree that, in general, financial institutions’ ethical taxonomies could be divided into two categories: conduct/compliance-based ethics and integrity-based ethics. While the former constitute principles and codes born from government regulations, the latter are based on the establishment of core principles to which all employees are asked to adhere to and govern themselves accordingly. Organisations that combine both conduct-/compliance-based with integrity-based ethics could significantly mitigate conduct risk (market, client and employee conduct risk). Three major areas emerge as key focal points for regulatory oversight: expansion of the circle of stakeholders, elimination of “rolling bad apples” and greater cross-border collaborations. Supervisory bodies expect companies to behave ethically and maintain a strong focus on good conduct, not just towards their customers but towards all stakeholders. Technology is playing an increasingly bigger role in the support of its monitoring and implementation.

Chapter 14 examines two key trends in the regulation of conduct risk: Treating Customers Fairly (TFC) and the Senior Managers and Certification Regime (SM&CR). The idea of TFC as the standard for good conduct has made its way into financial regulatory frameworks all across the globe. Another overarching global trend has been the shift away from a case-by-case approach towards treating conduct risk as a systemic phenomenon. As such, recent regulations have focused on extending individual liabilities through elaborate SM&CRs. Conduct risk figures prominently on the ESG agenda for mainly two reasons: it is a key feature of a firm’s governance framework and directly impacted by sustainability risks, and its occurrence is estimated to be on the rise as ESG investing brings forth novel opportunities and new decision-making.

To manage conduct risk, the development and implementation of an effective conduct risk framework is required, reflecting and tailored to a firm’s culture, business environment and regulatory landscape, while it is also implemented through appropriate systems. Three key principles, however, should stand at the core of every framework: standardised metrics, customer centricity and clear definitions. Unfortunately, there is no one-size-fits-all approach. Each financial institution must remain vigilant about new conduct risks and develop its own approach based on its own exposures, activities and overall strategies.

With the issuance of the UN Sustainable Development Goals, the Paris Climate Agreement in 2015 and, more recently, the COP26 climate summit in Glasgow in 2021, ESG issues have risen to the top of the agenda of the global financial services sector. Of all ESG topics, climate change has the highest profile – for good reason. The risks associated with climate change and their implications for the global financial system’s stability are now universally acknowledged. In addition, financial institutions are set to play a pivotal role in global efforts to adapt to climate change as well as mitigate its negative effects. Adaptation in this context requires financial institutions to support clients in managing the physical risks associated with the impact of climate change (such as destruction of assets by natural disasters). Climate change mitigation, on the other hand, requires a transition to a carbon-neutral economy which will in turn involve trillions of dollars in funding. Directing private funding to sustainable activities is a monumental effort that requires both a cross-border coordination and support from the financial services industry.

Chapter 15 begins with a review of the current ESG regulatory landscape in selected jurisdictions, noting the different levels of regulatory advancement but also the breakneck speed at which new sustainable finance regulations are being rolled out. These and their impact from the standpoint of compliance will be a key theme going forward. The chapter then examines the most common challenges associated with ESG implementation, such as divergent approaches to materiality of ESG information, lack of uniform taxonomies of sustainable activities, scarcity of ESG data and the resulting reliance on third party information providers. The chapter also covers the voluntary disclosure standards and frameworks which came to the fore in recent years, and provides guidance on their application and use.

The chapter continues to analyse the key components required for a successful green transition, noting the importance of having a clear ESG strategy supported by a robust governance model. The right resources, technology, culture and ecosystems are key enablers of an ESG transition, and they can also create new value-generating opportunities.

Fußnoten:

[1]BCG 2021a.

Martina Mietzner, Dr. Julia Gebhardt, Dr. Katharina Hefter, Jennifer Rabener, Dr. Carsten Wiegand

Risk management has always been a core element of financial institutions, which play a significant role in the transformation function of the financial markets, thereby transforming lot sizes, maturity and risk. [1]However, in recent years, not all loss events can be attributed to traditional financial risks. These so-called non-financial risks are, in fact, linked to operations.

As a first step in the discussion of risk management and the different types of risk, it makes sense to consider the definition of risk itself. According to the Oxford Learner’s Dictionary , risk is defined as “the possibility of something bad happening at some time in the future; a situation that could be dangerous or have a bad result.”